<?php
/**
 * This file is part of webman.
 *
 * Licensed under The MIT License
 * For full copyright and license information, please see the MIT-LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @author    walkor<walkor@workerman.net>
 * @copyright walkor<walkor@workerman.net>
 * @link      http://www.workerman.net/
 * @license   http://www.opensource.org/licenses/mit-license.php MIT License
 */

use app\api\controller\AppsController;
use app\api\controller\AuthController;
use app\api\controller\UsersController;
use app\api\controller\LandingController;
use app\api\controller\MembershipController;
use app\api\controller\BalanceController;
use app\api\controller\DataExportController;
use app\api\controller\PerformanceController;
use app\admin\controller\AdminController;
use app\api\middleware\CryptMiddleware;
use app\api\middleware\DeviceMiddleware;
use app\api\middleware\TokenAuthMiddleware;
use app\api\middleware\ApiOptimizationMiddleware;
use app\api\middleware\RateLimitMiddleware;
use app\api\middleware\SecurityMiddleware;

use Webman\Route;

Route::options('[{path:.+}]', function (){
   return response('');
});

Route::group('/api', function () {
   // Apply security middleware to all API routes
   Route::group('', function () {
      // users
      Route::group('/users', function () {
         Route::get('/info', [UsersController::class, 'info'])->middleware([TokenAuthMiddleware::class]);
         Route::post('/register', [UsersController::class, 'register']);
         Route::post('/login', [UsersController::class, 'login']);
         Route::get('/loginout', [UsersController::class, 'loginout'])->middleware([TokenAuthMiddleware::class]);
      });
      // unified auth - apply rate limiting
      Route::group('/auth', function () {
         Route::post('/login', [AuthController::class, 'login'])->middleware([RateLimitMiddleware::class]);
         Route::post('/register', [AuthController::class, 'register'])->middleware([RateLimitMiddleware::class]);
         Route::get('/me', [AuthController::class, 'me'])->middleware([TokenAuthMiddleware::class]);
         Route::post('/logout', [AuthController::class, 'logout'])->middleware([TokenAuthMiddleware::class]);
         Route::post('/check-user-type', [AuthController::class, 'checkUserType']);
      });
      // apps
      Route::group('/apps', function () {
         Route::get('/list', [AppsController::class, 'list'])->middleware([ApiOptimizationMiddleware::class]);
         Route::post('/create', [AppsController::class, 'create']);
         Route::put('/update/{id}', [AppsController::class, 'update']);
         Route::get('/detail/{id}', [AppsController::class, 'detail'])->middleware([ApiOptimizationMiddleware::class]);
         Route::get('/statistics/{id}', [AppsController::class, 'statistics'])->middleware([ApiOptimizationMiddleware::class]);
         Route::delete('/delete/{id}', [AppsController::class, 'delete']);
         Route::get('/membership-info', [AppsController::class, 'membershipInfo'])->middleware([ApiOptimizationMiddleware::class]);
         Route::get('/sdk-config', [AppsController::class, 'sdkConfig'])->middleware([ApiOptimizationMiddleware::class]);
         Route::get('/sdk-stats', [AppsController::class, 'sdkStats'])->middleware([ApiOptimizationMiddleware::class]);
         Route::post('/export', [DataExportController::class, 'exportAppData']);
      })->middleware([TokenAuthMiddleware::class]);
      // apps
      Route::group('/device', function () {
         Route::post('/info', [AppsController::class, 'info']);
         Route::post('/custom', [AppsController::class, 'custom']);
         Route::post('/event', [AppsController::class, 'event']);
      })->middleware([DeviceMiddleware::class,CryptMiddleware::class,]);
      // landing
      Route::group('/landing', function () {
         Route::post('/track', [LandingController::class, 'track']);
      });
      // membership
      Route::group('/membership', function () {
         Route::get('/info', [MembershipController::class, 'info'])->middleware([ApiOptimizationMiddleware::class]);
         Route::get('/plans', [MembershipController::class, 'plans'])->middleware([ApiOptimizationMiddleware::class]);
         Route::get('/check-app-permission', [MembershipController::class, 'checkAppPermission'])->middleware([ApiOptimizationMiddleware::class]);
         Route::get('/billing-records', [MembershipController::class, 'billingRecords'])->middleware([ApiOptimizationMiddleware::class]);
         Route::get('/user-logs', [MembershipController::class, 'userLogs'])->middleware([ApiOptimizationMiddleware::class]);
      })->middleware([TokenAuthMiddleware::class]);
      // balance
      Route::group('/balance', function () {
         Route::post('/create-recharge-order', [BalanceController::class, 'createRechargeOrder']);
         Route::get('/info', [BalanceController::class, 'getBalance']);
         Route::get('/records', [BalanceController::class, 'getBalanceRecords']);
         Route::post('/balance-payment', [BalanceController::class, 'balancePayment']);
         Route::get('/config', [BalanceController::class, 'getBalanceConfig']);
         Route::post('/payment-notify', [BalanceController::class, 'handleYiPayNotify']);
      })->middleware([TokenAuthMiddleware::class]);
      // payment callback (no auth required)
      Route::post('/payment/yipay-notify', [BalanceController::class, 'handleYiPayNotify']);
      // performance monitoring disabled temporarily
      // admin
      Route::group('/admin', function () {
         Route::post('/login', [AdminController::class, 'login'])->middleware([RateLimitMiddleware::class]);
         Route::get('/dashboard', [AdminController::class, 'dashboard'])->middleware([TokenAuthMiddleware::class, ApiOptimizationMiddleware::class]);
         Route::get('/users', [AdminController::class, 'users'])->middleware([TokenAuthMiddleware::class, ApiOptimizationMiddleware::class]);
         Route::get('/merchants', [AdminController::class, 'merchants'])->middleware([TokenAuthMiddleware::class, ApiOptimizationMiddleware::class]);
         Route::get('/apps', [AdminController::class, 'apps'])->middleware([TokenAuthMiddleware::class, ApiOptimizationMiddleware::class]);
         Route::get('/settings', [AdminController::class, 'settings'])->middleware([TokenAuthMiddleware::class, ApiOptimizationMiddleware::class]);
         Route::post('/settings/update', [AdminController::class, 'updateSettings'])->middleware([TokenAuthMiddleware::class]);
      });
   })->middleware([SecurityMiddleware::class]);
});

 Route::disableDefaultRoute();



